simmons 5 hours ago

Yes, I remember feeling pride in the stability of my systems when I saw a large uptime. I had a server that had 1000 days of uptime, once. Now when I see a large uptime, I'm terrified of what security patches the kernel may be missing!

milesvp 2 hours ago

I still remember the days of servers as pets, rather than cattle, and I was harping about server uptime. A wizened server admin piped in and said he rebooted his servers once a week. Said, if you do it any less frequently, then the odds of catching an error-causing change while the person who made said change (possibly himself) is still around and can remember what they did go down precipitously. So, to avoid headaches and potential downtime when it mattered, he would just take servers out of rotation and reboot them, and make sure they came back online.

usefulcat 2 hours ago

So true. We have one older, rather large machine in a data center that's been up for.. (checks uptime): 963 days. It has IPMI but at some point something stopped working and now we have to physically go to the data center to restart it. And since we use it every day we can't really afford to lose access to it.

mmh0000 2 hours ago

Live Kernel Patching has been around for about 20 years[-1] now.

Red Hat Enterprise Linux[1] and Oracle (Enterprise Linux) Unbreakable Linux[2] both use it as a selling point.

This feature is still a bit ad hoc because, in most setups, rebooting a system isn't a huge burden and is much simpler than using boutique commands to live-patch it.

[-1] https://en.wikipedia.org/wiki/Ksplice

[0] https://www.ksplice.com/

[1] https://www.redhat.com/en/topics/linux/what-is-linux-kernel-...

[2] https://docs.oracle.com/en/learn/ol-ksplice/

da-x 4 hours ago

Thankfully there's livepatching (e.g. https://ubuntu.com/security/livepatch )

jauntywundrkind 4 hours ago

6.19 added a new Live Update Orchestrator, which allows significantly more of the system to be retained while doing a kexec / Kernel Handover-like transition to a new kernel too. https://www.phoronix.com/news/Linux-6.19-Live-Update-LUO https://lwn.net/Articles/1033364/

Systemd added support in recent 2.61. There's also now ways to have user stores, that survive across switches. https://www.phoronix.com/news/systemd-261

da-x 4 hours ago

I'm glad to see this. Almost 18 years ago I implemented a similar kexec device+memory preservation for a storage vendor. It was done on a Linux kernel of that day, and it had a memory reservation and handoff protocol between the two kernels to keep some specific PCI device alive, allowing for state restoration at the application side. I'm proud of the fact that the kernel replacement was just under 1 second in execution (after init process optimization) and the whole kernel+app was less than 10 seconds.

fragmede 4 hours ago

Ksplice came out of MIT in 2008, which updates your kernel while it's running. No need to reboot! Supports Ubuntu.